DEMO: the Lifecycle of Objects in a Bucket
Start course

This course is an introduction to the fundamental aspects of Alibaba’s Object Storage Service (OSS). It starts off by explaining the features and advantages of the service, before moving on to the concepts of OSS and security. You will then watch two demos that use real-life examples from the Alibaba Cloud platform to guide you through storage buckets and object operations.

If you have any feedback about this course, please contact us at

Learning Objectives

  • Become familiar with buckets, regions, objects, and object lifecycle management in OSS
  • Understand the advantages and billing models of OSS products
  • Learn about the management, use, and operation of OSS buckets and objects

Intended Audience

  • Those who are starting out on their journey into Alibaba Cloud and who want to learn more about OSS
  • Security engineers who secure and safeguard data within Alibaba
  • Beginners who want to get certified in Alibaba


To get the most from this course, you should already have some basic knowledge of cloud computing. If you would like to brush up on your cloud knowledge before taking this course, please consider taking our What is Cloud Computing? course.

A basic understanding of object storage would also be beneficial for this course. Please see our blog post on the topic here.


Hello, and welcome to this demonstration on the lifecycle of objects in a bucket using the Alibaba OSS console. Here you can see that I'm logged into the Alibaba Cloud console and I'm just gonna open the menu list so I can select the object storage service. This now opens up the object storage service into the overview window. From the menu list on the left hand side of the page, I can select buckets and that will show me a list of existing buckets or I can create a new bucket if required. I have a couple of buckets already listed, so for this demonstration, I'm gonna select test2006. With the bucket open, you can see that we're located on the overview section.

Now from the menu list on the left, I can see the link for files. So I'm selecting files, and that opens up the files page. From here I have various options. I can upload files using the upload button. Now from the portal, the maximum file size that can be uploaded is five gigabytes. To upload files greater than five gigabytes and up to a maximum size of 48.8 terabytes, other methods to upload files are required. Tools such as ossutil, which is a command line tool, can be used to upload files larger than five gigabytes by breaking the file up into parts and uploading the parts in parallel.

I have create folder, which allows us to create folders to logically segregate files in a bucket. Parts allows us to see and delete fragment parts of uploaded files. Authorize allows you to create bucket policies that are either applied to the whole bucket or individual items in the bucket. You can authorize access to users created in the resource access management console, other Alibaba Cloud account users, or anonymous users and you can set the authorized operations to read, read/write, any operation, which would include deleting, or none. Conditions can also be set to allow or deny IP addresses or set the access method to either HTTPS or HTTP. By default, both of these are allowed.

Batch operations, which are grayed out here at the moment, allow you to carry out tasks on multiple files at the same time such as set HTTP header. You can configure HTTP headers to customize HTTP request policies such as cash policy and forced object download policy. Can export URL lists, which exports a list of object names with their corresponding URLs into a CSV file, and you can download or delete selected files in bulk. And finally, there's a refresh button to refresh the page. So I'm gonna upload a couple of image files.

When I click on the upload button, it opens the upload window and you can see the options here are to upload to the current location in the bucket or select a specific folder to upload to. If the folder selected doesn't exist, OSS will create it and then upload the file or files. The next setting is the access control list. The default ACL setting is to inherit from the bucket, but it can be overridden here. It's worth noting that the ACL can also be changed after the files are uploaded.

In the upload window that we can see here, we can either drag and drop one or more files into a folder here, or click on the upload link and a maximum of 100 files can be uploaded at a time. So I'm gonna click on the upload link, and I have a couple of files already created, and I'll just select those two files and I'm gonna upload them. So once the files are uploaded, they will appear in the bucket.

From here, we can either select the file link on the left or the view details link on the right. They both open the same window. And from here, you can cycle through the individual files that are in the bucket. Now this bucket's access control list is set to private, which means that as the owner, only I have access to the contents of the bucket. But within the view details, you can see the URL for the file, and it includes the access key to open the file.

In the validity period above it, you can set a timeframe in seconds. The default and the lowest setting that can be set is 60 seconds, and you can see that we can download the file from here or we can copy the file URL. So if I copy the file URL and then go to a new tab, and right click and do a paste and go, you'll see that I don't get access to the file. Now the reason for that, it was set to 60 seconds and 60 seconds have expired since the time I opened that pane up.

So if I close the tab, come back into the console, close the view details pane and then click on it again, that adds a new key with a 60 second download limit. Copy the file URL and add it and do a paste and go, and you can see I can now see the content of the file. There is a link to set the HTTP header and also set the ACL, so for example, if you wanted to remove the validity period, you can change the ACL to public read.

So if I go and click on set ACL, and swap that to public read and click okay, you can see the changes that's made into the URL. It's just removed the access key ID. There's also a link above the URL for swapping between HTTP and HTTPS, but all that does is changes the link header. Anyone that has the URL could manually change the link header because by default both of these are available. You would actually have to set an authorization rule on the file to change the access condition.

If I close view details and then put the mouse over more, you'll see in the drop down list, there are more links to make changes to the object. So some of these you can do from the view details page like set HTTP header, set ACL. You can download and you can delete. The other settings in here then are object tagging. OSS allows you to configure object tagging to classify objects. You can configure lifecycle rules, for example, and ACLs for objects based on tags. And you can place up to 20 tags on an object.

We can set soft link. This allows you to create a symbolic link to the original file. For example, once a file is uploaded, you can't change it's name from within the portal, so you could create a symbolic link as an alias name for the file or you might want to have different image styles, I'll cover those in a bit, for a file or even change the ACL. After the soft link is set, you can then access the content of the source file through the new URL of the symbolic link file that's created.

So if I just do a demo, so if I set a soft link and in the link folder in here, say for example, in my cat, it's a meerkat, so I'll call that meerkat and click okay, you'll see that a new file is created. A very small file, it's just a link to the file, and when I click on that link, I now have a new URL which is just pointing to the same file, okay? But it just has a slightly different file name. So if I just close out of that and then go back onto the more button. The next thing we can do is select content.

Now, on select content, this allows you to use SQL statements to extract data records from a CSV file. So it's only really useful if you've got data files stored as CSV. And lastly, we can modify the storage class. Now, by default, when the storage class is set at the bucket level, it can't be changed. However, we can modify the storage class for a specific object by then swapping it from whatever it is in the bucket currently to one of the others. So we've got infrequently accessed, or we can select archive. And again, as I've mentioned previously, cold archive, which is not listed here, is a new feature that is in public preview at the moment, so it's only available in one region.

Now also built into OSS, is the image processing or IMG feature. So, if I select data processing, you'll see we've got image processing or IMG and if I select that, that allows us then to create rules. So IMG is an image processing service. After you upload an image, you can then call restful API operations to process the images any time, anywhere, and on any internet connected device. And you can create image style access rules to make changes to the original image file such as changes extension, set blurring, sharpening rules, insert a watermark amongst other things. And once a style rule is created, we will utilize it by accessing the file details of a file and then selecting the rule from a new image style drop down list. So I'll just demo that.

So we're gonna create a rule. So, you'll get a basic demo picture in here, and we're gonna get a rule name. So I've done this on the meerkat symbolic link, so I've just gotta create a rule in here, call it meerkat, and you'll see that I can, for the image, I can change the original format, it's a JPEG at the moment, so I'll say, if someone downloads it, I want it to be downloaded as a PNG file. We can do fade in, we can change the image quality, we can do thumbnail resizing, we can put brightness and contrast and sharpening/blurring effects in here, we can add a watermark.

So for this one I'm gonna add a watermark at the bottom. Just gonna add a bit of text in there, and the text, I want that to say meerkat. And I can change the font size, I'll make that like 100 for example, and I can select where on the page I want that. So the default is at the bottom, so if I say I want it top left, it'll move that up into the top left and I can also specify exactly where I want it on the page rather than these. So if I just go and click okay.

So that's created the meerkat rule, all I need to do now is apply that meerkat rule to my file. So if I go back to files and then I go and select meerkat link, you'll see that there is now an image style drop down. So if I select that, I can now select the meerkat style, and what that will do is then add the watermark into it. Now, if I go and make that public read, for example, so set the access control list, gonna make that public read, click okay, and then copy the URL, open up a tab and do a paste and go, my picture now has the watermark on it and if I right click, and say I want to then save that image, yeah, the option is to save it as a PNG file, 'cause that's what the rule I've put in.

So that's just some of the things that we can do with a file inside the bucket. If the files are no longer required and there's no lifecycle policy in place, we can then manually do like a bulk delete by selecting the files and carry out a batch delete operation. So where the batch operation was grayed out previously, you can see now in the drop down list, we can do batch set HTTP header, export URL list, do a download, do a delete. So if I go and select all of the files and say batch delete, yeah, all my files are now gone, and at that point, if the bucket was no longer required, I could now go and delete the bucket.

Anyway, that concludes this demonstration on the lifecycle of objects in the bucket. Thank you for watching.

About the Author

David has been a trainer with QA for over 12 years and has been training cloud technologies since 2017.  Currently certified in Microsoft and Alibaba cloud technologies David has previously been a system and Network administrator amongst other roles.    

Currently, he is a Principle Technology Learning Specialist (Cloud) at QA. He loves nothing more than teaching cloud-based courses and also has a passion for teaching PowerShell scripting.

Outside of work, his main love is flying Radio control airplanes, and teaching people to fly them.